Webhook 在 Rails 中返回 401 [英] Webhook returning 401 in Rails

问题描述

我使用 Fluidsurveys 创建了一个 webhook，它对应于这个控制器:

I have created a webhook using Fluidsurveys which corresponds to this controller:

    class HooksController < ApplicationController
  skip_before_filter  :verify_authenticity_token

  def response_created_callback
    # If the body contains the score parameter...
    if params[:_completed].present?
      # Create a new Response object based on the received parameters...
      response = FluidsurveysResponse.new(:completed => params[:_completed])
      response.invite_email = params[:_invite_email]
      response.locale = params[:_locale]
      response.key = params[:_key]
      response.webhook = params[:webhook]
      response.survey_name = params[:survey_name]
      response.username = params[:_username]
      response.weighted_score = params[:_weighted_score]
      response.completion_time = params[:_completion_time]
      response.ip_address = params[:_ip_address]
      response.num_responses = params[:num_responses]
      response.survey_id = params[:survey_id]
      response.invite_name = params[:_invite_name]
      response.language = params[:_language]
      response.referrer = params[:_referrer]
      response.fs_created_at = params[:_created_at]
      response.fs_updated_at = params[:_updated_at]
      response.survey_url = params[:survey_url]
      response.fs_id = params[:_id]
      response.collector_id = params[:_collector_id]
      response.comment = params[:Comment]
      response.nps_score = params[:NPSScore]
      response.save!
    end

    # The webhook doesn't require a response but let's make sure
    # we don't send anything
    render :nothing => true
  end

end

webhook 似乎工作正常，正如我在日志中看到的:

The webhook seems to work fine, as I see this in my logs:

2014-01-20T13:49:01.231772+00:00 app[web.1]: Started POST "/hooks/response_created_callback" for 184.107.171.218 at 2014-01-20 13:49:01 +0000
2014-01-20T13:49:01.327989+00:00 app[web.1]: Processing by HooksController#response_created_callback as */*
2014-01-20T13:49:01.328149+00:00 app[web.1]:   Parameters: {"_invite_email"=>"N/A", "_locale"=>"298", "_updated_at"=>"2014-01-20 13:49:00.738850", "_language"=>"en", "_key"=>"b5ec09680a4274cec0052d4049bec338a906e5b8", "webhook"=>"event", "survey_name"=>"Test", "_referrer"=>"http://fluidsurveys.com/surveys/marketing/test-nps-for-dc/", "_username"=>"marketing", "survey_url"=>"http://fluidsurveys.com/surveys/marketing/test-nps-for-dc/", "_id"=>"39164209", "_created_at"=>"2014-01-20 13:49:00.243640", "_weighted_score"=>"0.0", "_completion_time"=>"00:00:00", "_completed"=>"1", "_ip_address"=>"66.192.31.1", "yptmAoJw6i"=>"Detractor: 0", "num_responses"=>"261", "survey_id"=>"263692", "_extra_info"=>"weighted_score", "_invite_name"=>"N/A"}
2014-01-20T13:49:01.369963+00:00 app[web.1]: Completed 401 Unauthorized in 41ms

如您所见，帖子被制作为正确的控制器操作.路线设置正确，但出现 401 错误.我不明白这里需要进行什么身份验证......参数正在传递给控制器​​，在我看来，我认为我的应用程序不需要进行任何身份验证.它收到一个请求，按照它说的去做，然后就完成了.

As you can see, the post gets made to the right controller action. The route is setup correctly, but I get a 401 error. I don't understand what authentication needs to happen here...The params are getting passed to the controller, and in my mind I see no need for my app to authenticate anything. It receives a request, does what it's told, and then it's done.

我在这里遗漏了什么导致 401 错误?

What am I missing here that is causing the 401 error?

从我的控制器中删除 skip_before_filter :verify_authenticity_token 后，我收到此错误:

After remove skip_before_filter :verify_authenticity_token from my controller, I get this error:

Can't verify CSRF token authenticity
2014-01-20T16:07:12.222512+00:00 app[web.1]: Completed 422 Unprocessable Entity in 28ms
2014-01-20T16:07:12.225905+00:00 app[web.1]:
2014-01-20T16:07:12.225905+00:00 app[web.1]: ActionController::InvalidAuthenticityToken (ActionController::InvalidAuthenticityToken):

推荐答案

问题是我使用 devise 进行用户身份验证，而我的应用程序阻止了 post 请求，因为没有身份验证凭据被传递给我的控制器.

The issue is that I am using devise for user authentication, and my app was blocking the post request because there were no authentication credentials being passed to my controller.

通过将这一行添加到我的控制器中，我解决了这个问题:

By adding this line to my controller I solved the issue:

skip_before_filter :verify_authenticity_token, :authenticate_user!

这篇关于Webhook 在 Rails 中返回 401的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！